Information broadcast systems include subscription-based systems in which a user subscribes to a broadcast system that provides programming or other content to the subscriber through a cable network or a satellite dish, for example. Since the programming is broadcast, it is transmitted once for receipt by all eligible receivers. Access to the data, however, is conditional, depending, for example, on whether or not a subscription fee has been paid for a specific receiver. Such conditional access to the content is realized by encrypting the information (usually the encryption occurs in the transmitter) under control of an authorization key and by transmitting the encrypted content to the receivers. Furthermore, the decryption keys necessary for the decryption of the content are encrypted themselves and transmitted to the receivers. Often, symmetrical encryption techniques are used, where the encryption and decryption keys are the same. Only those receivers that are entitled to the content are able to decrypt the decryption key using a first decryptor. The receivers can then decrypt the content using a second decryptor for decrypting the content under control of the authorization key.
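The key hierarchy described above, as an added sketch that is not part of the original text: the headend encrypts the content once under an authorization key, and each entitled receiver recovers that key with a first decryptor before a second decryptor opens the content. The per-receiver keys, the function names and the HMAC-SHA256 stand-in cipher are assumptions made for illustration, not any vendor's CA design.

```python
import hashlib, hmac, os

# Stand-in symmetric cipher (assumption): HMAC-SHA256 keystream plus a MAC tag,
# so that opening with the wrong key is detected instead of yielding garbage.
def keystream(key, nonce, n):
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong key or tampered message
    return bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct))))

def headend_broadcast(content, receiver_keys, entitled):
    """Encrypt the content once; wrap the authorization key per entitled receiver."""
    auth_key = os.urandom(32)
    encrypted_content = seal(auth_key, content)  # one copy for all receivers
    key_messages = {rid: seal(receiver_keys[rid], auth_key) for rid in entitled}
    return encrypted_content, key_messages

def receiver_decrypt(rid, receiver_key, encrypted_content, key_messages):
    wrapped = key_messages.get(rid)
    if wrapped is None:
        return None  # no key message addressed to this receiver
    auth_key = open_(receiver_key, wrapped)  # first decryptor: recover the key
    if auth_key is None:
        return None
    return open_(auth_key, encrypted_content)  # second decryptor: recover content

if __name__ == "__main__":
    # Constructed sample: two receivers, only "A" has paid its subscription.
    keys = {"A": os.urandom(32), "B": os.urandom(32)}
    enc, msgs = headend_broadcast(b"premium programme", keys, entitled={"A"})
    print("A:", receiver_decrypt("A", keys["A"], enc, msgs))
    print("B:", receiver_decrypt("B", keys["B"], enc, msgs))
    print("B using A's key message:", open_(keys["B"], msgs["A"]))
```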
Conditional access is provided by conditional access (CA) systems that come as matched sets: one part is integrated into the cable system headend (in a cable broadcast system) and encrypts premium content, and the other part provides decryption and is built into the set-top boxes installed in users' homes. Several CA systems are used in the cable industry, including those provided by vendors such as Motorola (Schaumburg, Ill.), Scientific Atlanta (Atlanta, Ga.) and NDS (Staines, U.K.). Typically, the decryption mechanism is a dedicated encryption engine, e.g., an integrated circuit (IC) chip or dedicated hardware specifically designed to perform the decryption function. One example of a chip with this type of decryption capability is Motorola's MC 1.7 (MediaCipher v1.7) Conditional Access Control chip. All the decryption keys and the decryption functions are protected on this chip.
CA vendors generally allow only limited access to the decryption engine in order to protect the decryption keys and the decryption functions. For this reason, CA vendors often tightly control the chip-making process and write their own firmware, software, and the like. However, in order to reduce costs and increase the flexibility to outsource various parts of the chip-making process, it would be desirable to use more standardized chip-making processes in which such tight controls are unavailable. As a result, decryption engines manufactured in this manner are less secure, and the CA systems in which they are employed are more vulnerable to attack from hackers and the like.
Decryption engines of the type described above that operate in a less secure environment would ideally be backward compatible with conventional decryption engines that operate in a more secure environment. That is, both types of decryption engines preferably should be operable in the same CA system. However, in order to maintain security, this requires that the decryption engines that operate in the less secure environment should not be able to attack those decryption engines operating in the more secure environment. That is, the decryption engines operating in the less secure environment should not be able to decrypt encrypted content that is intended to be decrypted by a decryption engine operating in the more secure environment.